Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
13.0.1, 12.1.3, 12.1.2
Fixed In:
12.1.3.6
Opened: Mar 28, 2018
Severity: 3-Major
SSL Forward Proxy signs the forged certificate with a hash algorithm selected from the server certificate chain: the weakest algorithm used by any certificate in the chain, excluding only the self-signed root certificate. Some intermediate CA certificates in the chain are signed with the SHA1 hash algorithm, and such intermediate CAs are usually already present in the BIG-IP system's ca-bundle. When the BIG-IP system receives a chain that includes such an intermediate CA, it signs the forged certificate with SHA1, which some web clients reject.
Clients cannot access the web server due to SSL handshake failure.
-- The BIG-IP system is configured to use SSL Forward Proxy or SSL Intercept.
-- Some intermediate CA in the web server's cert chain uses a weak algorithm such as SHA1 to sign certificates.
-- The web client rejects the certificate signed with the weak algorithm.
There is no workaround at this time.
This fix excludes trusted CA certificates from hash algorithm selection, which may prevent the forged certificate from using the SHA1 hash algorithm.
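The selection rule and the fix described above, as an added worked model to check a given server chain against (constructed example, not BIG-IP code); the hash strength ordering, the three certificate fields, the sample chain and the default used when no certificate remains are assumptions:

```python
# Model of the forged-certificate hash selection described in this bug entry.
# Constructed example, not BIG-IP code.  Each certificate in the server's chain
# is reduced to the fields the selection needs: subject, issuer and the hash
# that signed it.
from dataclasses import dataclass

# Assumed strength ordering, weakest first.
HASH_STRENGTH = {"md5": 0, "sha1": 1, "sha256": 2, "sha384": 3, "sha512": 4}


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    sig_hash: str  # hash algorithm used to sign this certificate

    def is_self_signed(self) -> bool:
        return self.subject == self.issuer


def select_forge_hash(chain, trusted_ca_subjects=frozenset(), exclude_trusted=False):
    """Return the hash the forward proxy would sign the forged leaf with.

    exclude_trusted=False models the affected releases: only the self-signed
    root is skipped, so a SHA1-signed intermediate drags the forged certificate
    down to SHA1.  exclude_trusted=True models the fix in 12.1.3.6: certificates
    present in the system's trusted CA bundle are skipped as well.
    """
    candidates = [c for c in chain if not c.is_self_signed()]
    if exclude_trusted:
        candidates = [c for c in candidates if c.subject not in trusted_ca_subjects]
    if not candidates:
        return "sha256"  # assumption: fallback when nothing is left to compare
    return min(candidates, key=lambda c: HASH_STRENGTH[c.sig_hash]).sig_hash


def forged_cert_is_weak(chain, trusted_ca_subjects=frozenset(), exclude_trusted=False):
    """True when the forged certificate would carry a SHA1-or-weaker signature."""
    chosen = select_forge_hash(chain, trusted_ca_subjects, exclude_trusted)
    return HASH_STRENGTH[chosen] <= HASH_STRENGTH["sha1"]


# Constructed sample chain: leaf first, then intermediate, then self-signed root.
ROOT = Cert("Root CA", "Root CA", "sha256")
INTER = Cert("Intermediate CA", "Root CA", "sha1")  # SHA1-signed intermediate
LEAF = Cert("www.example.com", "Intermediate CA", "sha256")
CHAIN = [LEAF, INTER, ROOT]
CA_BUNDLE = frozenset({"Root CA", "Intermediate CA"})  # assumed ca-bundle contents

if __name__ == "__main__":
    print("affected release forges with:", select_forge_hash(CHAIN))
    print("fixed release forges with:   ", select_forge_hash(CHAIN, CA_BUNDLE, True))
```

The fix only helps when the SHA1-signed intermediate is actually in the ca-bundle; a chain whose weak intermediate is absent from the bundle still yields a SHA1-signed forged certificate, which is why the entry says the fix "may" prevent it.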